snowykami/meilisearch
1
0
Fork 0
mirror of https://github.com/meilisearch/meilisearch.git synced 2024-11-23 02:27:40 +08:00
Code Issues Actions 9 Packages Projects Releases Wiki Activity

Fix tenant token validation when exp is null

Browse Source
This commit is contained in:
ManyTheFish 2022-03-15 16:10:33 +01:00 committed by Kerollmops
parent 968053649b
commit 4aef7c5ac5
No known key found for this signature in database
GPG Key ID: 92ADA4E935E71FA4
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
meilisearch-http/src/extractors/authentication/mod.rs
View File

@ -144,6 +144,7 @@ pub mod policies {
pub static TENANT_TOKEN_VALIDATION: Lazy<Validation> = Lazy::new(|| { pub static TENANT_TOKEN_VALIDATION: Lazy<Validation> = Lazy::new(|| {
let mut validation = Validation::default(); let mut validation = Validation::default();
validation.validate_exp = false; validation.validate_exp = false;
validation.required_spec_claims.remove("exp");
validation.algorithms = vec![Algorithm::HS256, Algorithm::HS384, Algorithm::HS512]; validation.algorithms = vec![Algorithm::HS256, Algorithm::HS384, Algorithm::HS512];
validation validation
}); });
@ -205,9 +206,7 @@ pub mod policies {
return None; return None;
} }
let mut validation = Validation::default(); let mut validation = TENANT_TOKEN_VALIDATION.clone();
validation.validate_exp = false;
validation.validate_nbf = false;
validation.insecure_disable_signature_validation(); validation.insecure_disable_signature_validation();
let dummy_key = DecodingKey::from_secret(b"secret"); let dummy_key = DecodingKey::from_secret(b"secret");
let token_data = decode::<Claims>(token, &dummy_key, &validation).ok()?; let token_data = decode::<Claims>(token, &dummy_key, &validation).ok()?;